Cisco Umbrella default SSH key allows theft of admin credentials

Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance, allowing unauthenticated attackers to steal admin credentials remotely.

Fraser Hess of Pinnacol Assurance found the flaw in the key-based SSH authentication mechanism of Cisco Umbrella VA. Cisco Umbrella, a cloud-delivered security service used by over 24,000 organizations as DNS‑layer security against phishing, malware, and ransomware attacks, uses these on-premise virtual machines as conditional DNS forwarders that record, encrypt, and authenticate DNS data.

“This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA,” Cisco explained.

Luckily, Cisco says that the SSH service is not enabled by default on Umbrella on-premise virtual machines, significantly lowering the vulnerability’s overall impact.

In November, Cisco also fixed a similar critical severity bug caused by default SSH keys in the key-based SSH authentication mechanism of Cisco Policy Suite, which could let unauthenticated and remote attackers log into affected systems as the root user.

The same day, the company also addressed a second critical flaw linked to hard-coded credentials in the Telnet service of Cisco Catalyst PON Series Switches ONT that allows unauthenticated attackers to log in remotely using a debugging account with a default password.

Share this article on social media:

Subscribe to Our Newsletter!

Stay on top of cybersecurity risks, evolving threats and industry news.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Fill out the form below and get an answer from our experts within 1 business day.
Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.
PCI-DSS

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

Scroll to Top

BOOK A MEETING

Enter Your
Corporate Email

BOOK A MEETING WITH AN EXPERT

Enter Your Corporate Email

Restez Informés!

Abonnez-vous pour rester au fait des dernières tendances, menaces, nouvelles et statistiques dans l’industrie.